Autor: Chris Knipe Data: A: exim-users Assumpte: [exim] rather weird logs....
Hi,
error log:
2005-05-11 07:50:29 SMTP protocol violation: synchronization error (input
sent without waiting for greeting): rejected connection from
H=wbs-146-166-66.telkomadsl.co.za [165.146.166.66] I=[196.30.191.122]:25
input="421 Too many concurrent SMTP connections from this IP address; please
try again
later.\r\nl:*:6:\nbin:*:7:\nnews:*:8:\nman:*:9:\ngames:*:13:\nstaff:*:20:user1,user2\nsshd:*:22:\nmailnull:*:24:\nexim:*:25:\nmailnull:*:26:\nguest:*:31:\nbind:*:53:\nproxy:*:62:\nauthpf:*:63:\n_pflogd:*:64:\nuucp:*:66:\ndialer:*:68:\nnetwork:*:69:\nsmmsp:*:79:\nwww:*:80:\nmysql:*:81:\nrbldns:*:81:\nsquid:*:85:\nftp:*:86:\npmx4:*:87:\nrt:*:88:www\nradiusd:*:89:\nmailman:*:91:\nnogroup:*:65533:\nnobody:*:65534:\ncknipe:*:1001:\nrhys:*:1002:\n"
main log:
2005-05-11 07:50:29 SMTP connection from [165.146.166.66]
I=[196.30.191.122]:25 (TCP/IP connection count = 1)
2005-05-11 07:50:29 SMTP protocol violation: synchronization error (input
sent without waiting for greeting): rejected connection from
H=wbs-146-166-66.telko
madsl.co.za [165.146.166.66] I=[196.30.191.122]:25 input="421 Too many
concurrent SMTP connections from this IP address; please try again
later.\r\nl:*:6:\nb
in:*:7:\nnews:*:8:\nman:*:9:\ngames:*:13:\nstaff:*:20:user1,user2\nsshd:*:22:\nmailnull:*:24:\nexim:*:25:\nmailnull:*:26:\nguest:*:31:\nbind:*:53:\nproxy:*:6
2:\nauthpf:*:63:\n_pflogd:*:64:\nuucp:*:66:\ndialer:*:68:\nnetwork:*:69:\nsmmsp:*:79:\nwww:*:80:\nmysql:*:81:\nrbldns:*:81:\nsquid:*:85:\nftp:*:86:\npmx4:*:8
7:\nrt:*:88:www\nradiusd:*:89:\nmailman:*:91:\nnogroup:*:65533:\nnobody:*:65534:\ncknipe:*:1001:\nrhys:*:1002:\n"
2005-05-11 07:51:22 cwd=/var/spool/exim 2 args: /usr/sbin/exim -q
2005-05-11 07:51:22 Start queue run: pid=26212
2005-05-11 07:51:22 1DVUxz-0001TK-q6 Message is frozen
2005-05-11 07:51:22 End queue run: pid=26212
2005-05-11 07:51:42 SMTP connection from [165.146.166.66]
I=[196.30.191.122]:25 (TCP/IP connection count = 1)
2005-05-11 07:51:42 getsockopt() failed from [165.146.166.66]
I=[196.30.191.122]:25: Connection reset by peer
Now, what is *really* bothing me.... What is the contents of my /etc/group
doing in the reject log?!?!?!?!?!?!?!